top 10 critical CVE severities that have been identified in recent years.

 


 

 

In the world of cybersecurity, a Common Vulnerability and Exposure (CVE) is a publicly disclosed vulnerability or weakness in a software or hardware product. The severity of a CVE is ranked on a scale of 1 to 10, with 10 being the most critical. In this article, we will discuss the top 10 critical CVE severities that have been identified in recent years.

 

  1. CVE-2017-5638 - Apache Struts Remote Code Execution Vulnerability (Critical Severity: 10.0)

This CVE affects Apache Struts versions 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1. The vulnerability allows remote attackers to execute arbitrary code on an affected server via a crafted Content-Type HTTP header.

 

  1. CVE-2018-7600 - Drupal Remote Code Execution Vulnerability (Critical Severity: 9.8)

This CVE affects Drupal versions 6, 7, and 8. The vulnerability allows remote attackers to execute arbitrary code on an affected server via a specially crafted request.

 

  1. CVE-2018-8174 - Windows VBScript Engine Remote Code Execution Vulnerability (Critical Severity: 9.8)

This CVE affects the VBScript engine in Windows 7, Windows Server 2008, and Windows Server 2008 R2. The vulnerability allows remote attackers to execute arbitrary code on an affected system via a specially crafted website.

 

  1. CVE-2019-0708 - Windows Remote Desktop Services Remote Code Execution Vulnerability (Critical Severity: 9.8)

This CVE affects Windows 7 and Windows Server 2008 R2. The vulnerability allows remote attackers to execute arbitrary code on an affected system via a specially crafted request to the Remote Desktop Protocol (RDP) service.

 

  1. CVE-2019-1181 - Windows Remote Desktop Services Remote Code Execution Vulnerability (Critical Severity: 9.8)

This CVE affects Windows 7 and Windows Server 2008 R2. The vulnerability allows remote attackers to execute arbitrary code on an affected system via a specially crafted request to the Remote Desktop Protocol (RDP) service.

 

  1. CVE-2019-1182 - Windows Remote Desktop Services Remote Code Execution Vulnerability (Critical Severity: 9.8)

This CVE affects Windows 7 and Windows Server 2008 R2. The vulnerability allows remote attackers to execute arbitrary code on an affected system via a specially crafted request to the Remote Desktop Protocol (RDP) service.

 

  1. CVE-2020-1472 - Microsoft Active Directory Elevation of Privilege Vulnerability (Critical Severity: 10.0)

This CVE affects Windows Server 2008 and later versions. The vulnerability allows attackers to elevate their privileges to become a domain administrator, giving them access to sensitive information and control over the entire network.

 

  1. CVE-2020-0796 - Windows SMBv3 Client/Server Remote Code Execution Vulnerability (Critical Severity: 10.0)

This CVE affects Windows 10 and Windows Server versions 1903 and 1909. The vulnerability allows attackers to execute arbitrary code on an affected system via a specially crafted packet sent to the SMBv3 service.

 

  1. CVE-2020-1350 - Windows DNS Server Remote Code Execution Vulnerability (Critical Severity: 10.0)

This CVE affects Windows Server versions 2008 to 2019. The vulnerability allows remote attackers to execute arbitrary code on an affected system by sending a specially crafted DNS request.

 

  1. CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability (Critical Severity: 9.8)

This CVE affects Microsoft Exchange Server versions 2010, 2013, 2016, and 2019. The vulnerability allows

Belum ada Komentar untuk "top 10 critical CVE severities that have been identified in recent years."

Posting Komentar

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel